Today I have officially launched my new ebook “Cisco ASA Firewall Fundamentals – 3rd Edition”, which is probably the most up-to-date and practical Cisco ASA tutorial out there. It covers the newest ASA version 9.x (plus older versions as well), and all content in the book is applicable to both the ASA 5500 and 5500-X series.

I wrote the original First Edition of “Cisco ASA Firewall Fundamentals” in 2008. Since then, I have been updating and enhancing the ebook with all new developments and features that Cisco adds to the ASA product line.

This Third Edition of the book is completely updated to cover the latest ASA version 9.x. All configuration commands, features, etc. will work on the newest ASA 9.x (in addition to older 8.x versions) and also on the newest ASA 5500-X models. This updated edition also includes extensive new content, making it one of the most complete ASA books available on the market. I believe that the Third Edition ebook will be a valuable resource for both beginners and experienced ASA professionals.

This ebook (PDF format) is filled with raw practical concepts, step-by-step configuration tutorials, more than 50 colorful network diagrams to explain the scenarios, complete configuration examples, real-world cases that you will not find anywhere else, and more. There is no fluff or redundant information.

Some of the new topics added in the book include:

Basic, Advanced, and Scanning Threat Detection

IKEv2 IPsec VPN (site-to-site)

IKEv2 Remote Access VPN (using AnyConnect Secure Mobility Client)

AnyConnect SSL VPN using Self-Signed ASA Certificate

AnyConnect SSL VPN using Certificates from the Local CA on ASA for Certificate-Based Authentication together with username/password (two-factor)

Those are the additional topics added in the 3rd Edition. The rest of the book covers much more content, which comprises the most important features and configurations that you will encounter in Cisco ASA firewalls.

I believe that this ASA Configuration Guide will be a valuable resource for any Cisco Professional for years to come. Again, keep in mind that by purchasing this ebook you will be getting huge discounts on the future updated editions of the book that I will be publishing. Just make sure to subscribe to my “Customers’ email list” (at the download page after purchasing the book) in order to be eligible for the discounts.

On October 16, 2017, a serious security vulnerability was published by researchers from KU Leuven, a university in Belgium. This has to do with WPA2 protection in WiFi networks, which is the modern security standard considered to be very safe so far. This vulnerability has to do with the WPA2 technology itself and is […]

In this article I will show you how to deny access to specific websites (domain names) with a normal Cisco ASA firewall. This works on either the older 5500 models or the new 5500-X series devices. The only prerequisite for the firewall is to run software version 8.4.2 or later. Also, you don’t need to […]

Last week the whole world, and especially the information security community, was buzzing about the massive ransomware attacks that infected thousands of computers in hundreds of countries. But how did it all start? Many of you know the story, but let’s summarize it once again: NSA had developed some secret exploits that took advantage of […]

In this post we will discuss DNS Doctoring on Cisco ASA firewalls. This is a useful feature and although it’s very simple to configure, not many people know about it. DNS Doctoring is helpful in the following situation: Assume you have a Web Server connected to a DMZ zone on a Cisco ASA firewall and […]

The Border Gateway Protocol (BGP) is considered to be the routing protocol of the Internet because it runs between Internet Service Providers (ISPs) to interconnect all Autonomous Systems (AS) comprising the whole internet. Of course the above refers to External BGP (eBGP) which runs between different Autonomous Systems. There is also another “flavor” of BGP […]

In this article we will describe how to configure both LACP and PAgP EtherChannels on Cisco switches. An EtherChannel is a Link Aggregation technology whereby two switches are connected together with multiple interfaces which are bundled together to form a single logical interface (“Port-Channel”), thereby increasing bandwidth between the switches. EtherChannel Use-Case The diagram below […]

Throughout my professional career in networking I was lucky to work with all Cisco firewall models and therefore I have experienced the “evolution” of every firewall product developed by Cisco. For the SMB/SOHO market, Cisco’s initial offering was the PIX 501, followed by the successful Cisco ASA 5505. The latter came to an End-of-Sale in […]

A new serious vulnerability was discovered on Cisco ASA devices, called “EXTRABACON”, and was recently patched by Cisco by releasing several software updates for the device. You need to carefully read the following security advisory (CVE-2016-6366) from Cisco and patch your devices as soon as possible. At the end of the article above there is […]

In this post I have gathered the most useful Cisco ASA Firewall Commands and created a Cheat Sheet list that you can also download as a PDF at the end of the article. I have been working with Cisco firewalls since 2000, when we had the legacy PIX models before the introduction of the ASA 5500 […]

Network infrastructure devices (routers, switches, load balancers, firewalls, etc.) are among the assets of an enterprise that play an important role in security and thus need to be protected and configured accordingly. Many enterprises focus on protecting their servers, applications, databases, etc., but they forget about the security of network devices, which are sometimes installed with […]

On June 7, 2016, Cisco released the “Cisco Visual Networking Index™ (VNI) Complete Forecast for 2015 to 2020” where several notable internet traffic statistics are predicted by the networking giant. I have summarized the forecast document and present below the most important stats and predictions about Internet traffic, Internet usage etc: Global IP traffic […]

In this article we will discuss the similarities and differences between the 3 “First Hop Redundancy” protocols supported by Cisco devices. These are Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP) and Gateway Load Balancing Protocol (GLBP). The main purpose of the above protocols is to provide redundancy to the default gateway (router […]

What if I told you that there are almost 500 practical Cisco networking tutorials waiting for you on a single website that can help you learn hundreds of different networking topics? This resource is NetworkLessons and is probably one of the few online education portals with so many lessons on Cisco technologies, ranging from configuration […]

About Networks Training

We Provide Technical Tutorials and Configuration Examples about TCP/IP Networks with focus on Cisco Products and Technologies. This blog entails my own thoughts and ideas, which may not represent the thoughts of Cisco Systems Inc. This blog is NOT affiliated or endorsed by Cisco Systems Inc. All product names, logos and artwork are copyrights/trademarks of their respective owners.